
adminfront: TenantListPage에 세부 기능 권한(tenants / manage_tenants) 우회 및 제어 전격 적용하여 접근 제한 버그 해결

2026-06-12 15:50:46 +09:00
parent d39838a1c9
commit 2820ca941d


@@ -377,6 +377,7 @@ function TenantListPage() {
queryFn: fetchMe, queryFn: fetchMe,
}); });
const profileRole = normalizeAdminRole(profile?.role); const profileRole = normalizeAdminRole(profile?.role);
const isWritable = profileRole === "super_admin" || !!profile?.systemPermissions?.manage_tenants;
const query = useInfiniteQuery({ const query = useInfiniteQuery({
queryKey: ["tenants", "lazy", debouncedSearch, scopeTenantId], queryKey: ["tenants", "lazy", debouncedSearch, scopeTenantId],
@@ -581,7 +582,7 @@ function TenantListPage() {
return () => window.removeEventListener("message", onMessage); return () => window.removeEventListener("message", onMessage);
}, [allTenants, scopePickerOpen]); }, [allTenants, scopePickerOpen]);
if (profile && profileRole !== "super_admin") { if (profile && profileRole !== "super_admin" && !profile?.systemPermissions?.tenants) {
return ( return (
<div className="flex h-[50vh] flex-col items-center justify-center space-y-4"> <div className="flex h-[50vh] flex-col items-center justify-center space-y-4">
<h3 className="text-lg font-bold"> <h3 className="text-lg font-bold">
@@ -840,7 +841,8 @@ function TenantListPage() {
} }
actions={ actions={
<> <>
<RoleGuard roles={["super_admin"]}> {isWritable && (
<>
<input <input
ref={fileInputRef} ref={fileInputRef}
name="tenant-import-file" name="tenant-import-file"
@@ -914,7 +916,8 @@ function TenantListPage() {
</DropdownMenuItem> </DropdownMenuItem>
</DropdownMenuContent> </DropdownMenuContent>
</DropdownMenu> </DropdownMenu>
</RoleGuard> </>
)}
<Button <Button
variant="outline" variant="outline"
@@ -928,14 +931,14 @@ function TenantListPage() {
{t("ui.common.refresh", "새로고침")} {t("ui.common.refresh", "새로고침")}
</span> </span>
</Button> </Button>
<RoleGuard roles={["super_admin"]}> {isWritable && (
<Button asChild size="sm" className="h-9"> <Button asChild size="sm" className="h-9">
<Link to="/tenants/new"> <Link to="/tenants/new">
<Plus size={16} /> <Plus size={16} />
{t("ui.admin.tenants.add", "테넌트 추가")} {t("ui.admin.tenants.add", "테넌트 추가")}
</Link> </Link>
</Button> </Button>
</RoleGuard> )}
</> </>
} }
/> />
@@ -1071,7 +1074,7 @@ function TenantListPage() {
{t("ui.common.apply", "적용")} {t("ui.common.apply", "적용")}
</Button> </Button>
<div className="w-px h-4 bg-background/20 mx-1" /> <div className="w-px h-4 bg-background/20 mx-1" />
<RoleGuard roles={["super_admin"]}> {isWritable && (
<Button <Button
variant="ghost" variant="ghost"
size="sm" size="sm"
@@ -1083,7 +1086,7 @@ function TenantListPage() {
<Trash2 size={14} /> <Trash2 size={14} />
{t("ui.common.delete", "삭제")} {t("ui.common.delete", "삭제")}
</Button> </Button>
</RoleGuard> )}
</div> </div>
<Button <Button
variant="ghost" variant="ghost"
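Review bot: The view gate `if (profile && profileRole !== "super_admin" && !profile?.systemPermissions?.tenants)` in the second hunk is skipped while `profile` is still undefined, so the page body renders before the permission is known, and the tenant list is requested too unless the `useInfiniteQuery` call has an `enabled` condition outside the visible lines. `isWritable` in the first hunk fails closed in that same state, so the read and write checks behave differently. I would derive the read rule next to the write rule, `const canView = profileRole === "super_admin" || !!profile?.systemPermissions?.tenants;`, show a loading placeholder until `profile` has resolved, and then return the denied view on `if (!canView)`. Both flags only decide what is rendered: the import, create and delete endpoints and the `/tenants/new` route need their own server-side `manage_tenants` check, which this diff does not show. TenantListPage starts and ends outside these hunks.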